Terms of Service
Last updated: February 11, 2026
1. Acceptance of Terms
By accessing or using CodeStax (“the Service”), you agree to be bound by these Terms of Service. If you are using the Service on behalf of an organization, you represent that you have authority to bind that organization to these terms.
2. Service Description
CodeStax is an AI code security platform that provides static analysis (SAST), software composition analysis (SCA), secret detection, infrastructure-as-code scanning, container security analysis, and AI code review. The Service scans source code repositories to identify security vulnerabilities, generate remediation suggestions, and provide compliance reporting.
3. User Accounts
You must provide accurate information when creating an account. You are responsible for maintaining the security of your account credentials. You must notify us immediately of any unauthorized access.
Organizations may invite team members with role-based access (Owner, Admin, Member, Viewer). Organization owners are responsible for managing their team's access and permissions.
4. Billing & Payments
Paid plans are billed in advance on a monthly or annual basis. All fees are non-refundable unless otherwise stated. We reserve the right to modify pricing with 30 days' notice.
Free tier usage is subject to the published limits (repositories, scans per month). Exceeding limits may require upgrading to a paid plan.
5. Acceptable Use
You agree not to:
- Use the Service to scan code you don't own or have authorization to scan
- Attempt to exploit identified vulnerabilities in third-party systems
- Reverse-engineer, decompile, or attempt to extract the source code of the Service
- Use the Service to develop a competing product
- Circumvent usage limits or access controls
- Share scan results publicly without authorization from the code owner
6. Intellectual Property
You retain all rights to your source code. CodeStax does not claim ownership of code you submit for scanning. We process your code solely for the purpose of providing the Service.
The CodeStax platform, including its scanning engines, AI models, user interface, and documentation, is our proprietary technology protected by intellectual property laws.
7. Data & Privacy
Your source code is processed ephemerally during scanning and is not permanently stored on our servers. Scan results and metadata are stored securely and isolated per organization.
You have the right to export all your personal data and to request permanent deletion of your account at any time from Settings → Privacy & Data. Account deletion includes a 30-day grace period during which you can cancel.
Please review our Privacy Policy for detailed information about data handling, GDPR rights, and CCPA rights.
8. Service Availability
We strive for high availability but do not guarantee uninterrupted access. Scheduled maintenance will be communicated in advance. Enterprise customers may have SLA guarantees as specified in their service agreements.
9. Limitation of Liability
CodeStax is provided “as is” without warranties of any kind. We do not guarantee that the Service will detect all security vulnerabilities in your code.
In no event shall CodeStax be liable for indirect, incidental, special, or consequential damages arising from your use of the Service. Our total liability shall not exceed the amount paid by you in the twelve months preceding the claim.
10. Termination
Either party may terminate the agreement at any time. Upon termination, your access to the Service will be revoked and scan data will be deleted within 30 days. You may export your data before termination.
11. Changes to Terms
We may update these Terms from time to time. Material changes will be communicated via email or in-app notification at least 30 days before they take effect. Continued use of the Service after changes constitutes acceptance.
12. Contact
For questions about these Terms, contact us at legal@codestax.co.